# Copyright 2019 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# NOTE: This file is auto generated by the elixir code generator program.
# Do not edit this file manually.

defmodule GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1DevicePolicy do
  @moduledoc """
  `DevicePolicy` specifies device specific restrictions necessary to acquire a given access level. A `DevicePolicy` specifies requirements for requests from devices to be granted access levels, it does not do any enforcement on the device. `DevicePolicy` acts as an AND over all specified fields, and each repeated field is an OR over its elements. Any unset fields are ignored. For example, if the proto is { os_type : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be true for requests originating from encrypted Linux desktops and encrypted Windows desktops.

  ## Attributes

  *   `allowedDeviceManagementLevels` (*type:* `list(String.t)`, *default:* `nil`) - Allowed device management levels, an empty list allows all management levels.
  *   `allowedEncryptionStatuses` (*type:* `list(String.t)`, *default:* `nil`) - Allowed encryptions statuses, an empty list allows all statuses.
  *   `osConstraints` (*type:* `list(GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1OsConstraint.t)`, *default:* `nil`) - Allowed OS versions, an empty list allows all types and all versions.
  *   `requireAdminApproval` (*type:* `boolean()`, *default:* `nil`) - Whether the device needs to be approved by the customer admin.
  *   `requireCorpOwned` (*type:* `boolean()`, *default:* `nil`) - Whether the device needs to be corp owned.
  *   `requireScreenlock` (*type:* `boolean()`, *default:* `nil`) - Whether or not screenlock is required for the DevicePolicy to be true. Defaults to `false`.
  """

  use GoogleApi.Gax.ModelBase

  @type t :: %__MODULE__{
          :allowedDeviceManagementLevels => list(String.t()) | nil,
          :allowedEncryptionStatuses => list(String.t()) | nil,
          :osConstraints =>
            list(
              GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1OsConstraint.t()
            )
            | nil,
          :requireAdminApproval => boolean() | nil,
          :requireCorpOwned => boolean() | nil,
          :requireScreenlock => boolean() | nil
        }

  field(:allowedDeviceManagementLevels, type: :list)
  field(:allowedEncryptionStatuses, type: :list)

  field(:osConstraints,
    as: GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1OsConstraint,
    type: :list
  )

  field(:requireAdminApproval)
  field(:requireCorpOwned)
  field(:requireScreenlock)
end

defimpl Poison.Decoder,
  for: GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1DevicePolicy do
  def decode(value, options) do
    GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1DevicePolicy.decode(
      value,
      options
    )
  end
end

defimpl Poison.Encoder,
  for: GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1DevicePolicy do
  def encode(value, options) do
    GoogleApi.Gax.ModelBase.encode(value, options)
  end
end
